(57)Abstract:

PROBLEM TO BE SOLVED: To allow a framework to reliably impose the necessary constraints
on a service offered to an application, through the dynamic construction of the requested
mounting.

SOLUTION: An application issues a request to a framework for a mounting of a specific
service. The framework receives this request and, when any constraint is present
corresponding to this request, decides which constraints should be imposed on the
requested mounting. The constraints are decided by judging whether the application issuing
the request for the mounting has been given an authorization; when this authorization is
present, it is processed in order to derive the set of constraints to be imposed on the
mounting. The authorization is processed so that the derived set of constraints is at the
minimum constraint level.



CLAIMS 



[Claim(s)] 

[Claim 1] A method of determining restrictions to be imposed on a mounting of a specific
service, in a system in which said mounting is requested by an application, the method
comprising: judging whether there is any permission given to said application which
requests said mounting; and, according to a judgment that there is at least one permission
given to said application, processing said permission in order to derive a set of
restrictions to be imposed on said mounting.

[Claim 2] The method according to claim 1, wherein said permission is processed so that
said set of restrictions has the smallest degree of restriction.

[Claim 3] The method according to claim 1, further comprising: according to a judgment
that there is no permission given to said application, accessing a set of initial
restrictions; and deriving said restrictions based on said initial restrictions.

[Claim 4] The method according to claim 3, wherein said initial restrictions are derived by
merging two or more law policies and extracting the restrictions from there.
[Claim 5] The method according to claim 1, wherein said processing of said permission
comprises: judging whether said permission is an all-inclusive permission; and, according
to a judgment that said permission is an all-inclusive permission, providing an indication
that said mounting is unrestricted.

[Claim 6] The method according to claim 1, wherein said processing of said permission
comprises: judging whether said permission requires an exemption mechanism to be mounted;
and, according to a judgment that said permission does not require an exemption mechanism
to be mounted, deriving said set of restrictions based on said permission.

[Claim 7] The method according to claim 6, wherein deriving said restrictions comprises:
judging whether said permission specifies a set of parameters; and, according to a
judgment that said permission specifies a set of parameters, deriving said set of
restrictions based on said parameters.

[Claim 8] The method according to claim 6, wherein deriving said restrictions comprises:
judging whether said permission specifies a set of parameters; and, according to a
judgment that said permission does not specify a set of parameters, providing an
indication that said mounting is unrestricted.



[Claim 9] The method according to claim 1, wherein said processing of said permission
comprises: judging whether said permission requires a specific exemption mechanism to be
mounted; according to a judgment that said permission requires a specific exemption
mechanism to be mounted, accessing a set of exemption restrictions; and adjusting said
permission with said exemption restrictions in order to derive said restrictions.

[Claim 10] The method according to claim 9, wherein said adjusting of said permission with
said exemption restrictions comprises: judging whether said exemption restrictions permit
said specific exemption mechanism to be mounted for said mounting; and, according to a
judgment that said exemption restrictions permit said specific exemption mechanism to be
mounted for said mounting, deriving said restrictions based on said exemption restrictions.

[Claim 11] The method according to claim 9, wherein said adjusting of said permission with
said exemption restrictions comprises: judging whether said exemption restrictions permit
said specific exemption mechanism to be mounted for said mounting; according to a judgment
that said exemption restrictions do not permit said specific exemption mechanism to be
mounted for said mounting, accessing a set of initial restrictions; and deriving said
restrictions based on said initial restrictions.

[Claim 12] The method according to claim 9, wherein said exemption restrictions are derived
by merging two or more law policies and extracting the restrictions from there.
[Claim 13] The method according to claim 1, wherein said judging whether there is any
permission given to said application comprises scrutinizing a call stack in order to judge
which application requested said mounting.

[Claim 14] The method according to claim 13, wherein said judging whether there is any
permission given to said application further comprises attesting said application.
[Claim 15] A device which determines restrictions to be imposed on a mounting of a specific
service, in a system in which said mounting is requested by an application, the device
comprising:

A mechanism which judges whether there is any permission given to said application which
requests said mounting.

A mechanism which processes said permission in order to derive a set of restrictions to be
imposed on said mounting, according to a judgment that there is at least one permission
given to said application.

[Claim 16] The device according to claim 15, wherein said permission is processed so that
said set of restrictions has the smallest degree of restriction.

[Claim 17] The device according to claim 15, further comprising a mechanism which accesses
a set of initial restrictions according to a judgment that there is no permission given to
said application, and a mechanism which derives said restrictions based on said initial
restrictions.

[Claim 18] The device according to claim 17, wherein said initial restrictions are derived
by merging two or more law policies and extracting the restrictions from there.
[Claim 19] The device according to claim 15, wherein said mechanism which processes said
permission comprises:

A mechanism which judges whether said permission is an all-inclusive permission.

A mechanism which provides an indication that said mounting is unrestricted, according to
a judgment that said permission is an all-inclusive permission.

[Claim 20] The device according to claim 15, wherein said mechanism which processes said
permission comprises:

A mechanism which judges whether said permission requires an exemption mechanism to be
mounted.

A mechanism which derives said set of restrictions based on said permission, according to
a judgment that said permission does not require an exemption mechanism to be mounted.

[Claim 21] The device according to claim 20, wherein said mechanism which derives said
restrictions comprises:

A mechanism which judges whether said permission specifies a set of parameters.

A mechanism which derives said set of restrictions based on said parameters, according to
a judgment that said permission specifies a set of parameters.

[Claim 22] The device according to claim 20, wherein said mechanism which derives said
restrictions comprises:

A mechanism which judges whether said permission specifies a set of parameters.

A mechanism which provides an indication that said mounting is unrestricted, according to
a judgment that said permission does not specify a set of parameters.

[Claim 23] The device according to claim 15, wherein said mechanism which processes said
permission comprises:

A mechanism which judges whether said permission requires a specific exemption mechanism
to be mounted.

A mechanism which accesses a set of exemption restrictions according to a judgment that
said permission requires a specific exemption mechanism to be mounted, and a mechanism
which adjusts said permission with said exemption restrictions in order to derive said
restrictions.

[Claim 24] The device according to claim 23, wherein said mechanism which adjusts said
permission with said exemption restrictions comprises:

A mechanism which judges whether said exemption restrictions permit said specific
exemption mechanism to be mounted for said mounting.

A mechanism which derives said restrictions based on said exemption restrictions,
according to a judgment that said exemption restrictions permit said specific exemption
mechanism to be mounted for said mounting.

[Claim 25] The device according to claim 23, wherein said mechanism which adjusts said
permission with said exemption restrictions comprises:

A mechanism which judges whether said exemption restrictions permit said specific
exemption mechanism to be mounted for said mounting.

A mechanism which accesses a set of initial restrictions according to a judgment that said
exemption restrictions do not permit said specific exemption mechanism to be mounted for
said mounting, and a mechanism which derives said restrictions based on said initial
restrictions.

[Claim 26] The device according to claim 23, wherein said exemption restrictions are
derived by merging two or more law policies and extracting the restrictions from there.

[Claim 27] The device according to claim 15, wherein said mechanism which judges whether
there is any permission given to said application comprises a mechanism which scrutinizes
a call stack in order to judge which application requested said mounting.

[Claim 28] The device according to claim 27, wherein said mechanism which judges whether
there is any permission given to said application further comprises a mechanism which
attests said application.

[Claim 29] A computer-readable medium storing commands which, when executed by one or more
processors, operate the one or more processors so as to determine restrictions to be
imposed on a mounting of a specific service requested by an application, the
computer-readable medium comprising:

A command which operates one or more processors so as to judge whether there is any
permission given to said application which requests said mounting.

A command which operates one or more processors so as to process said permission in order
to derive a set of restrictions to be imposed on said mounting, according to a judgment
that there is at least one permission given to said application.

[Claim 30] The computer-readable medium according to claim 29, wherein said permission is
processed so that said set of restrictions has the smallest degree of restriction.

[Claim 31] The computer-readable medium according to claim 29, further comprising a command
which operates one or more processors so as to access a set of initial restrictions
according to a judgment that there is no permission given to said application, and a
command which operates one or more processors so as to derive said restrictions based on
said initial restrictions.

[Claim 32] The computer-readable medium according to claim 31, wherein said initial
restrictions are derived by merging two or more law policies and extracting the
restrictions from there.

[Claim 33] The computer-readable medium according to claim 29, wherein said command which
operates one or more processors so as to process said permission comprises:

A command which operates one or more processors so as to judge whether said permission is
an all-inclusive permission.

A command which operates one or more processors so as to provide an indication that said
mounting is unrestricted, according to a judgment that said permission is an all-inclusive
permission.

[Claim 34] The computer-readable medium according to claim 29, wherein said command which
operates one or more processors so as to process said permission comprises:

A command which operates one or more processors so as to judge whether said permission
requires an exemption mechanism to be mounted.

A command which operates one or more processors so as to derive said set of restrictions
based on said permission, according to a judgment that said permission does not require an
exemption mechanism to be mounted.

[Claim 35] The computer-readable medium according to claim 34, wherein said command which
operates one or more processors so as to derive said restrictions comprises:

A command which operates one or more processors so as to judge whether said permission
specifies a set of parameters.

A command which operates one or more processors so as to derive said set of restrictions
based on said parameters, according to a judgment that said permission specifies a set of
parameters.

[Claim 36] The computer-readable medium according to claim 34, wherein said command which
operates one or more processors so as to derive said restrictions comprises:

A command which operates one or more processors so as to judge whether said permission
specifies a set of parameters.

A command which operates one or more processors so as to provide an indication that said
mounting is unrestricted, according to a judgment that said permission does not specify a
set of parameters.

[Claim 37] The computer-readable medium according to claim 29, wherein said command which
operates one or more processors so as to process said permission comprises:

A command which operates one or more processors so as to judge whether said permission
requires a specific exemption mechanism to be mounted.

A command which operates one or more processors so as to access a set of exemption
restrictions according to a judgment that said permission requires a specific exemption
mechanism to be mounted, and a command which operates one or more processors so as to
adjust said permission with said exemption restrictions in order to derive said
restrictions.

[Claim 38] The computer-readable medium according to claim 37, wherein said command which
operates one or more processors so as to adjust said permission with said exemption
restrictions comprises:

A command which operates one or more processors so as to judge whether said exemption
restrictions permit said specific exemption mechanism to be mounted for said mounting.

A command which operates one or more processors so as to derive said restrictions based on
said exemption restrictions, according to a judgment that said exemption restrictions
permit said specific exemption mechanism to be mounted for said mounting.

[Claim 39] The computer-readable medium according to claim 37, wherein said command which
operates one or more processors so as to adjust said permission with said exemption
restrictions comprises:

A command which operates one or more processors so as to judge whether said exemption
restrictions permit said specific exemption mechanism to be mounted for said mounting.

A command which operates one or more processors so as to access a set of initial
restrictions according to a judgment that said exemption restrictions do not permit said
specific exemption mechanism to be mounted for said mounting, and a command which operates
one or more processors so as to derive said restrictions based on said initial
restrictions.

[Claim 40] The computer-readable medium according to claim 37, wherein said exemption
restrictions are derived by merging two or more law policies and extracting the
restrictions from there.

[Claim 41] The computer-readable medium according to claim 29, wherein said command which
operates one or more processors so as to judge whether there is any permission given to
said application comprises a command which operates one or more processors so as to
scrutinize a call stack in order to judge which application requested said mounting.

[Claim 42] The computer-readable medium according to claim 41, wherein said command which
operates one or more processors so as to judge whether there is any permission given to
said application further comprises a command which operates one or more processors so as
to attest said application.



DETAILED DESCRIPTION 



[Detailed Description of the Invention] 
[0001] 

[Field of the Invention] This invention relates to computer systems and, in particular, to
a mechanism for determining the restrictions to be imposed on a mounting of a service
requested by an application.
[0002] 

[Description of the Prior Art] For years, the U.S. Department of Commerce has regulated,
and in some cases prohibited, the export of computer programs or applications containing
data encryption algorithms. As a general rule at present, a computer program that uses an
encryption algorithm with an encryption key longer than a fixed number of bits cannot be
exported (the key length that can be specified is specific to each algorithm). There are
exceptions to this rule. One exception is that, in some cases, the key length, i.e., the
encryption strength of the program, can be increased when an exemption mechanism is
adopted. Examples of exemption mechanisms are key escrow, key recovery, and key weakening.
The key length can also be increased depending on the kind of program. For example, the
present regulations permit applications for medical institutions and financial
institutions to use longer keys in order to improve the security of the application (which
is used to protect highly sensitive data). Although some applications are favored with a
greater tolerance level than others, export control is required for all encryption
applications.
[0003] 

[Problem(s) to be Solved by the Invention] These regulations apply not only to programs
that use encryption algorithms directly, but also to programs that have an interface to
programs that use encryption algorithms directly. Such programs include "framework"
programs, which provide the infrastructure for smooth interaction between various
programs. Although the framework itself does not mount any encryption algorithm, it may
allow one or more programs that do mount encryption algorithms to interface with, or "plug
in" to, the framework. One example of such a framework is the Java Cryptography Extension
of the Java Platform by Sun Microsystems, Inc. of Palo Alto, California. Because the
framework allows cryptographic mechanisms to be "plugged in" to it, the framework itself
is subject to export control. This means that, in order to be exportable, the framework
needs to guarantee that all export controls are observed regardless of which mounting is
plugged in to the framework. In order to offer this guarantee, the framework needs some
mechanism for restraining the mountings.
[0004] 

[Means for Solving the Problem] According to this invention, a mechanism is provided for
dynamically building a customized mounting that imposes restrictions on a service. For the
purposes of this invention, service is defined broadly and includes any function provided
to an application at its request, including (but not limited to) encryption/decryption
functions. In one embodiment of this invention, the invention is realized within a system
comprising an application, a general mounting of a specific service, and a framework.
[0005] The framework receives from the application a request for a mounting of a specific
service, for example, a mounting of a specific encryption algorithm. In response, the
framework determines the restrictions, if any, that need to be imposed on the requested
mounting. In one embodiment, these restrictions are determined by judging whether any
permission has been given to said application and, when there is such a permission,
processing it in order to derive the set of restrictions to be imposed on said mounting.
In one embodiment, the permission is processed so that the derived set of restrictions has
the smallest degree of restriction. Once the restrictions are determined, the framework
dynamically builds the requested mounting. In one embodiment, the requested mounting is
built so that it incorporates the general mounting of said service, said restrictions, and
enforcement logic which imposes said restrictions on said general mounting. Because the
requested mounting is built for said application, it is customized for that application.
This mounting is therefore called a customized mounting.
[0006] After the customized mounting is dynamically built, the framework provides the
customized mounting to the application. The application then calls the customized mounting
directly for service. Because the restrictions, and the enforcement logic for imposing
them, are included in the customized mounting, the application does not need to interact
with the framework any further. The customized mounting itself provides the service and
ensures that the restrictions are imposed. Thus, through the dynamic construction of a
customized mounting, the framework can ensure that the necessary restrictions are imposed
on the service provided to the application.

[0007] 

[Embodiment of the Invention] Drawing 1 shows a block diagram of the system 100 in which
one embodiment of this invention is realized. The system 100 includes one or more
applications 104, one or more general mountings 106, a set 108 of specified restrictions,
and the framework 102 for smooth interaction between the various components. The
application 104 requests a mounting of a service from the framework 102 and receives it.
The application 104 may be any of various kinds of applications or programs, including
(but not limited to) Java applets, Java applications, and natively compiled applications.
For the purposes of this invention, the term "service" is defined broadly and includes any
function provided to an application at its request, including (but not limited to)
encryption/decryption functions.

[0008] When requesting a mounting from the framework 102, the application 104 specifies
the kind of service for which it desires a mounting. For example, the application 104 can
request a mounting of the "Blowfish" encryption algorithm. In response, the framework 102
provides the requesting application 104 with a mounting of the requested service that is
customized for the application 104. The customized mounting provided by the framework 102
includes the restrictions on the service that the framework provides. As described later,
these restrictions are determined based on the set of specified restrictions 108 and on
the permissions 110, if any, granted to the requesting application 104.

[0009] The general mountings 106 represent the mountings of services that are "plugged in"
to, or interface with, the framework 102. Each general mounting 106 realizes a specific
kind of service. For example, one general mounting may mount the "Blowfish" encryption
algorithm while another mounts the DES encryption algorithm. Each general mounting 106 is
unrestricted. That is, even if the restrictions 108 or the permissions 110 exist, the
general mounting 106 itself is not encumbered by restrictions. Thus, when the general
mounting 106 is a mounting of an encryption algorithm, the encryption algorithm can be set
to full strength. As explained below, it is the framework 102, not the general mounting
106, that guarantees that suitable restrictions are imposed on the service provided to the
application 104.
[0010] In the system 100, the framework 102 is the component that coordinates the overall
operation of the system 100. Drawing 2 shows a flow chart of the general operation of the
framework 102. As shown in drawing 2, the framework 102 operates by receiving (202) from
the application 104 a request for a mounting of a specific kind of service (for example, a
mounting of the Blowfish encryption algorithm). In response, the framework 102 determines
(204) the restrictions, if any, required for the requested mounting. In one embodiment of
this invention, the framework 102 determines the restrictions by adjusting the specified
restrictions 108 with the permissions 110, if any, granted to the requesting application
104. And in one embodiment of this invention, the framework 102 tries to impose the
minimum restrictions possible. In other words, given the permissions 110 and the
restrictions 108, the framework 102 tries to be as generous as possible.

[0011] Once the restrictions are decided, the framework 102 dynamically builds (206) the
requested mounting. In one embodiment of this invention, the requested mounting is built
by finding the related general mounting 106 that mounts the requested kind of service (for
example, the general mounting 106 that realizes the Blowfish encryption algorithm). Once
found, this related general mounting 106 is incorporated into the requested mounting
together with the restrictions determined earlier. A set of enforcement logic is also
built into the requested mounting. This enforcement logic guarantees that the restrictions
are imposed on the related general mounting 106. Therefore, even though the related
general mounting 106 itself carries no restrictions, the enforcement logic causes suitable
restrictions to be applied to it. With the related general mounting, the restrictions, and
the enforcement logic incorporated, the construction of the requested mounting is
complete. Because the requested mounting is built specifically for the requesting
application 104, i.e., it incorporates the restrictions specific to that application, it
can be regarded as a mounting customized for the requesting application 104.

[0012] Once the customized mounting is built, the framework 102 passes it (208) to the
requesting application 104. The application 104 then requests service from the customized
mounting directly. Because the restrictions and the enforcement logic for imposing them
are incorporated into the customized mounting, the application 104 no longer needs to
interact with the framework 102. The customized mounting itself provides the service and
ensures that the restrictions are imposed on the service. By dynamically building a
customized mounting in this way, the framework 102 ensures that the necessary restrictions
are imposed on the service provided to the application 104.

[0013] The above explanation provides a general outline of this invention. One embodiment
of this invention is now explained in detail with reference to drawing 3. In the following
explanation, the invention is described in relation to an object-oriented mounting in
which the service requested and provided is a cipher service. Note that this is for the
purpose of explanation only. This invention is not limited to the scope of this
explanation. Rather, this invention is generally applicable to all kinds of programming
environments and to all kinds of services on which restrictions need to be imposed.
[0014] Drawing 3 and drawing 4 show the details of the framework 102. As shown in the
figures, the framework 102 comprises the application programming interface (API) 302, the
service provider interface (SPI) 304, and the core 320. The API 302 represents the
resources that the application 104 can call directly. In one embodiment of this invention,
the API 302 comprises the Cipher object class 306 and the ExemptionMechanism object class
308. The Cipher object class 306 has, among other methods, a GetInstance method and an
Init method. The GetInstance method is the method called by the application 104 when the
application requests a mounting of a service. In response to this method call, an instance
of the Cipher object class 306 is built and returned to the calling application 104. The
returned Cipher instance is customized for the calling application, and it contains the
restrictions and the enforcement logic for imposing these restrictions on the service that
the Cipher instance provides. Once the Cipher instance is returned, its methods are called
directly by the application 104. One of the methods that the calling application 104 needs
to call is the Init method. This method initializes the Cipher instance and makes it
operational. The Init method also operates as the enforcement logic for imposing the
restrictions on the Cipher instance. The GetInstance method and the Init method are
described in detail later.

[0015] As already explained, when one or more exemption mechanisms (key escrow, key
recovery, or key weakening) are mounted, an encryption algorithm of increased encryption
strength (for example, with a longer key) can in some cases be used. When an exemption
mechanism is mounted, the ExemptionMechanism object class 308 comes into operation. This
class provides two or more methods that can be called. These methods are called in order
to invoke the function of a specific exemption mechanism (for example, to generate a key
recovery block when the exemption mechanism is key recovery) and in order to judge whether
the required operation has been performed (for example, whether the key recovery block has
been generated). The object classes 306 and 308 of the API 302 are explained in detail
later.

[0016] SPI304 provides the interface required by a service provider, and through it the
service mounting of a service provider is plugged in to the framework 102. In one embodiment
of this invention, SPI304 is provided with SPI304 object classes corresponding to each of the
API302 object classes. That is, CipherSpi object classes 310 of SPI304 exists corresponding
to Cipher object classes 306 of API302, and ExemptionMechanismSpi object classes 312 of
SPI304 exists corresponding to ExemptionMechanism object classes 308 of API302. This
one-to-one correspondence makes it easy to map the methods of the API classes 306 and 308
to the methods of the SPI classes 310 and 312. The importance of this is described later in
detail. SPI object classes 310 and 312 are abstract object classes: they declare the methods
which must be mounted by the class, but the object classes themselves provide no mounting
of these methods. The service provider is responsible for providing the mounting. In order
to provide the mounting 106 of a service, a service provider subclasses one of the object
classes of SPI304 and provides, in the subclass, mounting for all the methods defined by the
SPI class. Thus, each general mounting 106 shown in drawing 3 is a subclass of object
classes 310 and 312 of SPI304. Each general mounting 106 can mount a different kind of
service (for example, one can mount a Blowfish encryption algorithm, another a DES
encryption algorithm, and another a key recovery exemption mechanism), and each general
mounting 106 can be realized without being subject to any restrictions. A general mounting
106 can therefore be mounting of the maximum strength (for example, with no limit on the
length of an encryption key). The core 320 of the framework 102 is provided with
JCESecurity object classes 314 and JCESecurityManager object classes 316. In one embodiment
of this invention, these object classes 314 and 316 are package-private, and the application
104 cannot access them directly. As shown in drawing 3, the JCESecurity class is provided
with a GetImpl method and the JCESecurityManager class is provided with a
GetCryptoPermission method. These methods are called as a result of a call to the
GetInstance method of the Cipher class 306, and together they do much of the work required
for dynamic construction of customized mounting. The functions performed by these methods
are best understood in the context of the whole system. Therefore, to aid understanding of
the invention as a whole, the operation of the whole system is explained next with reference
to the flow charts of drawing 5 and drawing 6.

[0017] When it needs mounting of a specific cipher service, the application 104 requests the
mounting by calling the GetInstance method of Cipher object classes 306. In this call, the
application specifies the kind of service for which it is requesting mounting. In one
embodiment of this invention, the kind of service is an encryption algorithm name such as
Blowfish. The Cipher class 306 receives this request (404) and invokes the function of the
GetInstance method. In response, the GetInstance method calls the GetImpl method of the
JCESecurity class 314. The GetImpl method performs several important functions. First,
this method judges whether a general mounting 106 which mounts service of the requested
kind is available (408). For example, it judges whether any of the general mountings 106
mounts the Blowfish encryption algorithm. When no suitable general mounting 106 is found,
the GetImpl method returns an error message to the GetInstance method (412), which in turn
returns an error message to the calling application 104. Conversely, when a general
mounting 106 which mounts the requested service is found, the GetImpl method goes on to
judge whether the found general mounting is attested (416). The method of performing this
attestation is described later in detail; here it is only noted that attestation is
performed using a digital signature verification mechanism.

[0018] When the GetImpl method judges that the general mounting is not attested, it judges
whether another general mounting 106 which can offer the requested service exists (420).
When no other general mounting 106 exists, the GetImpl method returns an error message to
the GetInstance method (424), which in turn returns an error message to the calling
application 104. When another general mounting 106 which can offer the requested service
exists, the GetImpl method returns to the process 416 and judges whether the new general
mounting is attested. This processing continues until an attested mounting is found or it
is judged that no attested general mounting 106 which can offer the requested service
exists.

[0019] When an attested general mounting 106 for the requested service is found (this
mounting is called the related mounting), the GetImpl method instantiates the related
mounting and generates an instance of the mounting (namely, a CipherSpi instance) (428).
Then, the GetImpl method judges whether any restrictions need to be imposed on the
instance of the mounting (432). In one embodiment of this invention, this judgment is made
by judging whether the framework 102 is set up for domestic operation or for global
operation. When the framework is set up to be restricted to use within the country, export
control does not apply, so it is not necessary to impose restrictions. On the other hand,
when the framework 102 is set up for global operation, the possibility of restrictions is
taken into consideration.

[0020] In order to determine the restrictions imposed on the instance of the mounting (436),
the GetImpl method calls the GetCryptoPermission method of the JCESecurityManager class
316. The important function of the GetCryptoPermission method is to reconcile the specified
restriction 108 with the permission 110, if any, given to the calling application 104, and
to derive the set of restrictions. The GetCryptoPermission method returns this set of
restrictions to the GetImpl method. In one embodiment of this invention, this set of
restrictions contains the name of the requested encryption algorithm, the name of the
exemption mechanism which needs to be imposed (if any), and cryptographic parameters such
as the maximum key length and the maximum number of rounds to be executed (required for
algorithms such as RC5). When it receives these restrictions, the GetImpl method judges
whether an exemption mechanism is specified within them (440). When no exemption mechanism
is specified within the restrictions, the GetImpl method proceeds to the process 448.

[0021] However, when an exemption mechanism is specified, the GetImpl method goes on to
generate an instance of the specified exemption mechanism. In one embodiment of this
invention, this is done by calling the GetInstance method of the ExemptionMechanism class
308 and passing it the name of the exemption mechanism. In response to this call, the
GetInstance method of the ExemptionMechanism class 308 calls the GetImpl method of the
JCESecurity class 314 (note that this is a second call of the GetImpl method). In response,
the GetImpl method searches for an effective general mounting 106 which mounts the specified
exemption mechanism, instantiates that general mounting 106 (444), and generates an
ExemptionMechanismSpi instance. Then, the GetImpl method returns the ExemptionMechanismSpi
instance to the GetInstance method of the ExemptionMechanism class 308 (this is the return
from the second call of the GetImpl method).

[0022] Next, the GetInstance method of the ExemptionMechanism class 308 calls the
constructor of the ExemptionMechanism class 308 and passes the ExemptionMechanismSpi
instance returned from the GetImpl method to the constructor. When called, the constructor
instantiates the ExemptionMechanism class 308 and generates an ExemptionMechanism
instance. Next, the constructor encapsulates the ExemptionMechanismSpi instance in the
ExemptionMechanism instance. In doing so, the constructor maps the methods of the
ExemptionMechanism instance to the methods of the ExemptionMechanismSpi instance. In one
embodiment of this invention, the Init method of the ExemptionMechanism instance is mapped
to the EngineInit method of the ExemptionMechanismSpi instance, and the GenExemptionBlob
method is mapped to the EngineGenExemptionBlob method. With this mapping, a call to a
method of the ExemptionMechanism instance is sent to the right method of the
ExemptionMechanismSpi instance. Once the ExemptionMechanismSpi instance is encapsulated in
the ExemptionMechanism instance, instantiation of the ExemptionMechanism instance is
complete.

[0023] Then, the GetImpl method returns to the GetInstance method of the Cipher class 306
(this is the return from the first call of the GetImpl method). By this return, the
GetInstance method is provided with the instance of the mounting, the set of restrictions,
and (if any) the ExemptionMechanism instance. Next, the GetInstance method of the Cipher
class 306 calls the constructor of the Cipher class 306 and passes to the constructor the
instance of the mounting, the set of restrictions, and (if any) the ExemptionMechanism
instance received from the GetImpl method. In response, the constructor instantiates the
Cipher class 306 (448) and generates a Cipher instance. Next, the constructor encapsulates
the instance of the mounting, the set of restrictions, and (if any) the ExemptionMechanism
instance in the Cipher instance (452). That is, the Cipher instance operates as a "wrapper"
object. When it encapsulates the instance of the mounting in the Cipher instance, the
constructor maps the methods of the Cipher instance to the corresponding methods of the
instance of the mounting. In one embodiment of this invention, the Init method of the
Cipher instance is mapped to the EngineInit method of the instance of the mounting, the
Update method is mapped to the EngineUpdate method, and the DoFinal method is mapped to
the EngineDoFinal method. With this mapping, a call to a method of the Cipher instance is
sent to the right method of the instance of the mounting. This is necessary because the
mounting of these methods is provided by the instance of the mounting. When encapsulation
is complete, the constructor returns to the GetInstance method of the Cipher class 306.
Next, the GetInstance method returns to the calling application 104 and provides the newly
built Cipher instance to the application 104 (456). After that, the calling application 104
can call the methods of the Cipher instance directly.

[0024] In one embodiment of this invention, one of the first methods of the Cipher instance
that the calling application 104 needs to call is the Init method. This method initializes
the Cipher instance and prepares it for normal operation. When calling this method, the
calling application 104 provides a set of initialization parameters. In one embodiment of
this invention, these parameters contain the encryption key used for encryption and, when
a specific encryption algorithm needs them, other arbitrary cryptographic parameters which
specify attributes peculiar to the algorithm, such as the number of rounds.

[0025] When the Init method is called, it compares the initialization parameters passed by
the calling application 104 with the restrictions encapsulated in the Cipher instance. When
the initialization parameters are at or below the level of the restrictions, the Init
method passes the initialization parameters to the EngineInit method of the instance of the
mounting, so that the instance of the mounting is initialized. After the instance of the
mounting is initialized, the Cipher instance becomes operable, and the calling application
104 can therefore call the Update method and the DoFinal method of the Cipher instance in
order to perform encryption/decryption. However, when the Init method judges that the
initialization parameters passed by the calling application 104 exceed the level of the
encapsulated restrictions, the Init method does not pass the initialization parameters to
the EngineInit method of the instance of the mounting. As a result, the instance of the
mounting, and hence the Cipher instance, is not initialized. When a Cipher instance is not
initialized, it cannot operate normally. Thus, by not initializing it, the Init method
prevents the Cipher instance from operating effectively. In this way, the Init method acts
as the enforcement logic which ensures that the encapsulated restrictions are imposed on
the instance of the mounting.

[0026] When an ExemptionMechanism instance is encapsulated in a Cipher instance, the Init
method of the Cipher class 306 performs an additional function. This function ensures that
the ExemptionMechanism instance has been called correctly and has performed the required
operation before the application 104 encrypts data. For example, when the exemption
mechanism is key recovery, it is necessary to call the ExemptionMechanism instance to
generate and save a key recovery block before encrypting data. In order to ensure that the
required operation was performed by the ExemptionMechanism instance, the Init method calls
the IsCryptoAllowed method of the ExemptionMechanism instance. In one embodiment of this
invention, the ExemptionMechanism instance holds information about whether its
GenExemptionBlob method was called (the ExemptionMechanism instance is what performs the
required operation of the exemption mechanism). This information can be accessed by calling
the IsCryptoAllowed method. When the IsCryptoAllowed method shows that the required
operation was performed (that is, that the GenExemptionBlob method was called), the Init
method allows the instance of the mounting, and hence the Cipher instance, to be
initialized. When the required operation was not performed, the Init method does not allow
initialization, so the Cipher instance cannot operate. Therefore, the Init method not only
imposes restrictions on the instance of the mounting, but also ensures that the exemption
mechanism is applied.
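
The checks that the Init method performs in [0025] and [0026], as an added example that is not code from this document or from the JCE (Java 16 or later). The names ConstrainedCipher, Restrictions, EngineSpi and Exemption are hypothetical stand-ins for the Cipher wrapper, the encapsulated restrictions, the CipherSpi instance and the ExemptionMechanism instance; the limits and all-zero keys are constructed sample values.

```java
import java.util.Optional;

public class InitEnforcementDemo {
    static final int UNLIMITED = Integer.MAX_VALUE;

    /** Restrictions encapsulated in the wrapper: limits plus the required exemption mechanism. */
    record Restrictions(String algorithm, int maxKeyBits, int maxRounds, Optional<String> exemption) {}

    /** Hypothetical stand-in for a provider's CipherSpi subclass: full strength, no checks. */
    static class EngineSpi {
        private boolean initialized;
        void engineInit(byte[] key, int rounds) { initialized = true; }
        byte[] engineDoFinal(byte[] data) {
            if (!initialized) throw new IllegalStateException("mounting was never initialized");
            return data.clone(); // placeholder: a real provider would encrypt here
        }
    }

    /** Hypothetical stand-in for the ExemptionMechanism instance. */
    static class Exemption {
        private boolean blobGenerated;
        byte[] genExemptionBlob(byte[] key) {
            blobGenerated = true;
            return new byte[0]; // placeholder for a key recovery block
        }
        boolean isCryptoAllowed() { return blobGenerated; }
    }

    /** Hypothetical stand-in for the Cipher wrapper built by GetInstance. */
    static class ConstrainedCipher {
        private final EngineSpi spi;
        private final Restrictions limits;
        private final Exemption exemption; // null when the restrictions name no mechanism

        ConstrainedCipher(EngineSpi spi, Restrictions limits, Exemption exemption) {
            this.spi = spi;
            this.limits = limits;
            this.exemption = exemption;
        }

        /** Enforcement logic: engineInit is reached only when every check passes. */
        void init(byte[] key, int rounds) {
            int keyBits = key.length * 8;
            if (keyBits > limits.maxKeyBits())
                throw new SecurityException(keyBits + "-bit key exceeds limit of " + limits.maxKeyBits());
            if (rounds > limits.maxRounds())
                throw new SecurityException(rounds + " rounds exceed limit of " + limits.maxRounds());
            if (limits.exemption().isPresent() && (exemption == null || !exemption.isCryptoAllowed()))
                throw new SecurityException(limits.exemption().get() + " blob was not generated");
            spi.engineInit(key, rounds);
        }

        byte[] doFinal(byte[] data) { return spi.engineDoFinal(data); }
    }

    /** Tries to initialize and use the cipher, reporting whether the wrapper allowed it. */
    static String attempt(ConstrainedCipher cipher, byte[] key, int rounds) {
        try {
            cipher.init(key, rounds);
            cipher.doFinal(new byte[8]);
            return "initialized";
        } catch (SecurityException e) {
            return "refused (" + e.getMessage() + ")";
        }
    }

    public static void main(String[] args) {
        byte[] key64 = new byte[8], key128 = new byte[16], key256 = new byte[32];

        // No exemption mechanism: the key length and round limits alone decide.
        Restrictions blowfish = new Restrictions("Blowfish", 128, UNLIMITED, Optional.empty());
        Restrictions rc5 = new Restrictions("RC5", 64, 10, Optional.empty());
        System.out.println("Blowfish 128-bit key: "
                + attempt(new ConstrainedCipher(new EngineSpi(), blowfish, null), key128, 0));
        System.out.println("Blowfish 256-bit key: "
                + attempt(new ConstrainedCipher(new EngineSpi(), blowfish, null), key256, 0));
        System.out.println("RC5 64-bit key, 12 rounds: "
                + attempt(new ConstrainedCipher(new EngineSpi(), rc5, null), key64, 12));

        // Key recovery required: the longer key is accepted only after the blob exists.
        Restrictions recovery = new Restrictions("Blowfish", 256, UNLIMITED, Optional.of("KeyRecovery"));
        Exemption mechanism = new Exemption();
        ConstrainedCipher cipher = new ConstrainedCipher(new EngineSpi(), recovery, mechanism);
        System.out.println("256-bit key before blob: " + attempt(cipher, key256, 0));
        mechanism.genExemptionBlob(key256);
        System.out.println("256-bit key after blob: " + attempt(cipher, key256, 0));
    }
}
```

The provider class never sees a refused request: the only path to engineInit runs through the wrapper's checks, which is why the restrictions hold even though the general mounting itself is unrestricted.
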
[0027] As mentioned above, it is the GetCryptoPermission method of the JCESecurityManager
class 316 which determines the restrictions imposed on the service provided by the Cipher
instance. These restrictions are determined based on the specified restriction 108 and the
permission 110, if any, given to the calling application 104. One embodiment of the
GetCryptoPermission method is described below, but before describing it in detail, the
restriction 108 and the permission 110 are explained briefly to aid understanding of the
invention as a whole.

[0028] In one embodiment of this invention, the restriction 108 comprises two sets of
restrictions: default configuration and exemption setting out. Fundamentally, default
configuration specifies the initial restriction which needs to be imposed on an encryption
algorithm when no exemption mechanism is mounted, and exemption setting out specifies the
restriction which needs to be imposed on an encryption algorithm when an exemption
mechanism is mounted. Generally, when an exemption mechanism is mounted, stronger
cryptographic parameters can be used. In one embodiment of this invention, the restrictions
of both sets are derived from the applicable laws and regulations.

[0029] Each set of restrictions (default configuration or exemption setting out) comprises
zero or more entries. Each entry specifies a specific encryption algorithm and the
restrictions imposed on that algorithm. The entries of both sets have the same structure.
In one embodiment of this invention, each entry comprises fields or information containers
which hold the following information.
(1) An encryption algorithm name or identifier
(2) An exemption mechanism name or identifier
(3) The maximum key length
(4) Other algorithm-specific cryptographic restrictions, such as the maximum number of
rounds to be executed

[0030] For the purposes of this invention, an entry can take any desired form. For example,
each entry can be mounted as an object with the required information encapsulated in it, or
each entry can be a set of text strings in a file. Any desired form can be used as long as
the right information is provided.

[0031] An example of the default configuration and the exemption setting out of the
restriction is shown in drawing 7. Note that no entry of default configuration specifies an
exemption mechanism, whereas every entry of exemption setting out specifies one. This is
because default configuration specifies the restrictions imposed when no exemption
mechanism is mounted, and exemption setting out specifies the restrictions imposed when an
exemption mechanism is mounted.

[0032] The default configuration of the restriction is easy to interpret. Fundamentally,
each entry expresses the maximum cryptographic parameters for a specific encryption
algorithm. Thus, as in drawing 7, a maximum key length of 128 bits is used with the
Blowfish algorithm. Similarly, a maximum key length of 64 bits and a maximum of 10 rounds
are used with the RC5 algorithm. The exemption setting out is almost as easy to interpret.
Fundamentally, the 1st entry of exemption setting out shows that the maximum key length is
increased to 256 bits when the key recovery exemption mechanism is mounted with the
Blowfish algorithm. Similarly, the 2nd entry shows that the maximum key length is increased
to 256 bits when the key escrow exemption mechanism is mounted with the Blowfish algorithm.
Note that the same algorithm name (in this case, Blowfish) can appear in two or more
entries of exemption setting out, as long as the exemption mechanisms specified in these
entries differ.

[0033] The specified restriction 108 is only one of the factors taken into consideration in
determining the restrictions imposed on a Cipher instance. The other factor is the
permission 110, if any, given to the calling application 104. As explained above, some
kinds of application, such as applications for medical institutions and financial
institutions, can use stronger cryptography than other applications. The authority of an
application for a medical institution or a financial institution, or of another
application, to use stronger cryptography is reflected in the permission 110 given to the
application. In one embodiment of this invention, the permission 110 takes one of several
forms. The 1st form is CryptoAllPermission. When an application is given
CryptoAllPermission, it is in effect given every possible permission. In other words, the
application is not restricted. Since this is the highest permission that can be given, it
is given to only a small number of applications.

[0034] A lower permission which can be given to an application is permission to mount a
specific encryption algorithm with strengthened encryption strength or without limit. In
one embodiment of this invention, this kind of permission specifies a specific algorithm
name (for example, Blowfish) and an optional set of maximum parameters (for example, the
maximum key length). When a set of maximum parameters is specified, the encryption
algorithm may be mounted up to the level of the specified maximum parameters. When no set
of maximum parameters is specified, the encryption algorithm may be mounted at any level
(that is, the algorithm is not restricted). Thus, when a permission specifies Blowfish with
a maximum key length of 128 bits, the application can use the Blowfish encryption
algorithm with a key length of up to 128 bits. When a permission specifies only Blowfish,
the application can use the Blowfish encryption algorithm without any limit on key length.
So far, only the maximum key length has been mentioned as a maximum parameter. Note that
the maximum parameters can include other parameters, such as the maximum number of rounds.
Such other parameters may be required by encryption algorithms such as RC5, and can
therefore also be included in the maximum parameters.

[0035] Another kind of permission given to an application is permission to mount a specific
exemption mechanism with a specific encryption algorithm (for example, key recovery used
with Blowfish). As mentioned above, when an exemption mechanism is mounted, the application
can usually use stronger cryptographic parameters (for example, a longer key length). Thus,
permission to mount an exemption mechanism raises encryption strength dramatically. As
explained below, whether such a permission can actually be used depends on the contents of
the restriction 108 and on whether mounting of the exemption mechanism is available. Note
also that an application can be given two or more permissions. For example, an application
can be permitted to mount two or more kinds of exemption mechanisms. In that case and in
other cases, one application can have two or more permissions.

[0036] With this background, the operation of the GetCryptoPermission method of the
JCESecurityManager class 316 is explained next with reference to the flow chart of drawing
8. When it is called, the GetCryptoPermission method receives a set of parameters
containing the encryption algorithm name (for example, Blowfish) requested by the calling
application 104. In response to the call, the GetCryptoPermission method first determines
the calling application 104 (604). That is, the GetCryptoPermission method determines the
application 104 which called the GetInstance method that caused the GetCryptoPermission
method to be called. In one embodiment of this invention, the GetCryptoPermission method
makes this determination by examining the call stack. This traces the order of calls back
from the GetCryptoPermission method to the GetImpl method, then to the GetInstance method,
and then to the application 104 which originally called the GetInstance method. By
examining the call stack in this way, the GetCryptoPermission method can determine the
application 104 which made the original call.

[0037] Once the calling application 104 is determined, the GetCryptoPermission method
determines whether the calling application 104 has any effective permission given to it
(608). In one embodiment of this invention, this is done by first determining whether any
permission was given to the application 104. In one embodiment of this invention, this
determination is made by checking the file related to the application 104 and checking
whether it contains any permission. In a Java programming environment, the files of an
application are contained in a JAR file, and in this environment the JAR file is checked
for permissions.

[0038] When a permission is found, verification processing is performed to ensure that the
permission is effective. In one embodiment of this invention, this verification is
performed using a digital signature. Specifically, any application 104 which includes one
or more permissions has a digitally signed JAR file. This digital signature ensures that
the source of the application 104 is trusted and that the contents of the application 104
have not been changed. When this digital signature is verified, the permission included in
the JAR file is effective. When this digital signature is not verified, the permission is
invalid. The GetCryptoPermission method performs this verification using a digital
signature verification mechanism. Any effective digital signature verification mechanism
can be used for the purposes of this invention.

[0039] When the GetCryptoPermission method judges that the calling application 104 has no
effective permission, the GetCryptoPermission method determines the restrictions imposed on
the Cipher instance based on the default configuration of the restriction (612).
Specifically, the GetCryptoPermission method searches default configuration for the entry
with the same algorithm name as the encryption algorithm requested by the calling
application 104. After the entry is found, the restrictions are derived from the
restriction specified in the entry (for example, the maximum key length and other
restrictions). For example, when the calling application 104 is requesting mounting of the
Blowfish algorithm, the restrictions are, as in the example of drawing 7, Blowfish with a
maximum key length of 128 bits. After the restrictions are determined, the
GetCryptoPermission method returns them to the GetImpl method of the JCESecurity class 314
(616).

[0040] Returning to the process 608, when the GetCryptoPermission method judges that the
calling application 104 has one or more effective permissions, the GetCryptoPermission
method determines whether any of these permissions is CryptoAllPermission (620). With
CryptoAllPermission, the application 104 is not restricted. In that case, the
GetCryptoPermission method returns an indication of no restrictions to the GetImpl method
(624). However, when none of the permissions is CryptoAllPermission, the
GetCryptoPermission method proceeds to the process 628.

[0041] When processing reaches the process 628, it is known that the application 104 has
one or more effective permissions and that none of these permissions is
CryptoAllPermission. This means that each permission is one of the following two kinds.

(1) The kind which does not require an exemption mechanism to be imposed (namely, the kind
which specifies a specific encryption algorithm and an optional set of maximum parameters)
(2) The kind which requires an exemption mechanism to be imposed (namely, the kind which
specifies an exemption mechanism with a specific encryption algorithm)

[0042] At the process 628, the GetCryptoPermission method determines whether any of the
permissions is of the kind which does not require an exemption mechanism to be imposed.
When any of the permissions is of this kind, it determines for each of those permissions
whether that permission is applicable (632). A permission is applicable when the encryption
algorithm specified in the permission is the same as the encryption algorithm requested by
the application 104. For example, a permission is applicable when the application 104 is
requesting mounting of the Blowfish algorithm and the permission specifies the Blowfish
algorithm. In one embodiment of this invention, at most one permission is applicable. When
the GetCryptoPermission method determines that one of the permissions is applicable, it
determines the restrictions imposed on the Cipher instance based on the maximum parameters
(if any) specified in the permission. That is, when a set of maximum parameters is
specified in the permission, the restrictions are determined based on the specified maximum
parameters. When no set of maximum parameters is specified, there are no restrictions and
the encryption algorithm is not restricted. After the restrictions are determined, the
GetCryptoPermission method returns them to the GetImpl method of the JCESecurity class 314
(636).

[0043] Returning to the process 632, when the GetCryptoPermission method determines that
none of the permissions which do not require an exemption mechanism to be imposed is
applicable, it proceeds to the process 640. At the process 640, the GetCryptoPermission
method determines whether any of the permissions given to the application 104 is of the
kind which requires an exemption mechanism to be imposed. When no such permission is found,
the GetCryptoPermission method determines the restrictions imposed on the Cipher instance
using the default configuration of the restriction (644). The method of determining the
restrictions is the same as the method explained above in relation to the process 612.
After the restrictions are determined, the GetCryptoPermission method returns them to the
GetImpl method (648).

[0044] On the other hand, when the GetCryptoPermission method determines that at least one
of the permissions given to the application 104 is of the kind which requires an exemption
mechanism to be imposed, it proceeds to the process 652. At the process 652, the
GetCryptoPermission method determines whether any of the permissions which require an
exemption mechanism to be imposed is applicable. Specifically, the GetCryptoPermission
method determines which of these permissions apply to the requested encryption algorithm,
and, for each permission that applies, whether the specific combination of encryption
algorithm and exemption mechanism can be used and whether mounting of the specified
exemption mechanism is available. In performing these functions, the GetCryptoPermission
method refers to the exemption setting out of the restriction. These operations are best
understood through an example.

[0045] Suppose that the requested encryption algorithm is the Blowfish algorithm and that
the application has been given the following two permissions.

(1) Blowfish and key weakening
(2) Blowfish and key recovery

[0046] Suppose further the exemption setting out of the restriction shown in drawing 7. In
this example, both permissions relate to Blowfish, so both permissions apply to the
request. Therefore, both permissions are processed, starting with the 1st permission. The
1st permission allows key weakening to be used with Blowfish. To determine whether this
permission can be used, the GetCryptoPermission method searches exemption setting out for
an entry with this combination. Although two entries for Blowfish exist in exemption
setting out, neither of these entries specifies key weakening as the exemption mechanism.
Since the exemption setting out of the restriction does not explicitly show that the
combination of Blowfish and key weakening can be used, this permission cannot be used or
applied.

[0047] In this case the GetCryptoPermission method moves on to the next permission, which
allows key recovery to be used with Blowfish. This permission is processed in the same way
as the first, that is, by searching the entries of the exemption set. This time an entry
allowing the specified combination of Blowfish and key recovery is found. As a result, the
permission can be used or applied. However, the inquiry does not end there. Before
accepting the use of this permission, the GetCryptoPermission method determines whether a
valid implementation of the specified exemption mechanism (key recovery in this example)
is available. If no implementation is available, the permission is not applied. To make
this decision, the GetCryptoPermission method searches for a valid general implementation
106 (drawing 4) that implements the specified exemption mechanism. By the end of this
processing (652), the GetCryptoPermission method knows whether any of the granted
permissions can be applied.
[0048] When the GetCryptoPermission method determines that a permission is applicable, it
uses the exemption set rather than the default configuration of the restrictions to
determine the restrictions imposed on the Cipher instance (656). Specifically, the
GetCryptoPermission method takes the restrictions from the exemption-set entry whose
algorithm name and exemption mechanism match those of the permission. In this example
that entry is the first entry of the exemption set, and its restrictions are Blowfish
with key recovery and a maximum key length of 256 bits. Once these restrictions are
determined, the GetCryptoPermission method returns them to the GetImpl method of the
JCESecurity class 314 (660). As mentioned above, the entries of the exemption set usually
allow stronger cryptographic parameters than the default configuration. By taking the
restrictions from the exemption set, the GetCryptoPermission method therefore raises the
encryption strength of the Cipher instance.

[0049] Returning to process 652, when none of the permissions can be applied, the
GetCryptoPermission method uses the default configuration of the restrictions to determine
the restrictions imposed on the Cipher instance (644). The restrictions are determined in
the same way as described above for process 612. The application 104 is thus treated as
if it had been granted no permission at all. Once the restrictions are determined, the
GetCryptoPermission method returns them to the GetImpl method (648). This is how the
GetCryptoPermission method determines the restrictions imposed on a Cipher instance. By
trying to apply the permissions first, and using the initial restrictions only when none
of the permissions applies, the GetCryptoPermission method tends to give the Cipher
instance the greatest encryption strength that the restrictions allow. In other words,
the GetCryptoPermission method tends to impose the minimum level of restrictions.
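
The selection logic of paragraphs [0044] to [0049], as an added Python example that is not code from the patent or from the JCE framework. All function, field and mechanism names are hypothetical, and every table value except the Blowfish / key recovery / 256-bit entry is constructed, since drawing 7 is not reproduced here.

```python
"""Restriction selection for a cipher request (processes 644-660 above).

Added illustration; not the JCE framework's code. All names are hypothetical.
"""
from typing import Dict, List, NamedTuple, Optional, Set, Tuple


class Permission(NamedTuple):
    algorithm: str
    exemption: str            # exemption mechanism the permission relies on


class Restrictions(NamedTuple):
    algorithm: str
    exemption: Optional[str]  # None when the default configuration was used
    max_key_bits: int


# Exemption set: (algorithm, exemption mechanism) -> maximum key length.
# Only the first entry comes from the text; the second is constructed.
EXEMPTION_SET: Dict[Tuple[str, str], int] = {
    ("Blowfish", "KeyRecovery"): 256,
    ("Blowfish", "KeyEscrow"): 256,
}
# Default configuration: algorithm -> maximum key length (constructed values).
DEFAULT_SET: Dict[str, int] = {"Blowfish": 128, "*": 64}

# The two permissions of the worked example, in the order they are processed.
GRANTED: List[Permission] = [
    Permission("Blowfish", "KeyWeakening"),
    Permission("Blowfish", "KeyRecovery"),
]


def get_crypto_permission(
    algorithm: str,
    granted: List[Permission],
    available_mechanisms: Set[str],
    exemption_set: Dict[Tuple[str, str], int] = EXEMPTION_SET,
    default_set: Dict[str, int] = DEFAULT_SET,
) -> Tuple[Restrictions, List[str]]:
    """Return the restrictions for `algorithm` plus a trace of each decision."""
    trace: List[str] = []
    for perm in granted:
        if perm.algorithm != algorithm:
            trace.append(f"{perm.exemption}: permission is for another algorithm")
            continue
        max_bits = exemption_set.get((perm.algorithm, perm.exemption))
        if max_bits is None:
            # The combination must be listed explicitly to be usable.
            trace.append(f"{perm.exemption}: not in exemption set")
            continue
        if perm.exemption not in available_mechanisms:
            # An allowed combination is still refused when nothing can enforce it.
            trace.append(f"{perm.exemption}: no implementation available")
            continue
        trace.append(f"{perm.exemption}: applied")
        return Restrictions(algorithm, perm.exemption, max_bits), trace  # 656, 660

    # 644, 648: no permission applied, so the caller is treated as unprivileged.
    # Assumes the default configuration carries a "*" entry for unlisted names.
    trace.append("default configuration used")
    max_bits = default_set.get(algorithm, default_set["*"])
    return Restrictions(algorithm, None, max_bits), trace


if __name__ == "__main__":
    for mechanisms in ({"KeyRecovery"}, set()):
        result, steps = get_crypto_permission("Blowfish", GRANTED, mechanisms)
        print(sorted(mechanisms), result, steps)
```

The second call shows the fail-closed path: with no key recovery implementation installed, the granted permission is ignored and the weaker default limit is returned.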

[0050] As mentioned above, the complete set of restrictions 108 (drawing 1), including the
default configuration and the exemption set, derives from applicable laws and
regulations. In one embodiment of this invention, the restrictions are derived from at
least the following two bodies of law:

(1) U.S. export law, and (2) local law (the law of the country or region into which the
framework 102 is imported)

[0051] Since these sets of laws differ in almost all cases, they are reconciled in order
to derive a single set of restrictions that is consistent with both sets of laws. In one
embodiment of this invention, this reconciliation is performed by a merge process.
Specifically, the two sets of laws are merged to produce the resulting restrictions 108,
and the merge is performed so that the resulting restrictions 108 contain the most
restrictive restrictions of the two sets of laws. By choosing the most restrictive
restrictions, the merge process guarantees that the resulting restrictions 108 comply
with both sets of laws.

[0052] Drawing 9 gives an overview of the merge process. As shown in the figure, the U.S.
export law 702 comprises a default component 706 and an exemption component 708.
Similarly, the local law 704 comprises a default component 710 and an exemption component
712. The default components 706 and 710 specify the default restrictions applied to an
encryption algorithm when no exemption mechanism is implemented, and the exemption
components 708 and 712 specify the restrictions that apply when an exemption mechanism is
implemented. In one embodiment of this invention, the default components 706 and 710 and
the exemption components 708 and 712 have the same form as the default configuration 714
and the exemption set 716 of the restrictions explained above in relation to drawing 7.
That is, each of the components 706, 710, 708, and 712 comprises zero or more entries.
Each entry has fields or containers for storing the following:

(1) an encryption algorithm name or identifier, (2) an exemption mechanism name or
identifier, (3) a maximum key length, and (4) other cryptographic restrictions

[0053] To derive the resulting restrictions 108, the default components 706 and 710 are
merged entry by entry to generate the default configuration 714 of the resulting
restrictions 108. Likewise, the exemption components 708 and 712 are merged entry by entry
to generate the exemption set 716 of the restrictions 108. Once derived, the resulting
restrictions 108 are used by the GetCryptoPermission method of the JCESecurityManager
class 316 to determine the restrictions imposed on a Cipher instance.
[0054] Next, one embodiment of the merge process is described with reference to the flow
charts of drawing 10 and drawing 11. The explanation uses policies A, B, and C. Policies A
and B denote the sources being merged (for example, the U.S. export law and a local law).
Policy C denotes the merge result (for example, the resulting restrictions 108). As shown
in drawing 9, the default components 706 and 710 and the exemption components 708 and 712
are merged independently, in separate merge operations. Note, however, that both merges
use the same merge process.
[0055] As shown in drawing 10, the merge process begins by selecting (804) the next entry
(in this case, the first entry) of policy A. The selected entry is compared with the
entries of policy B to determine whether a corresponding entry exists in policy B (808).
In one embodiment of this invention, this determination is made by comparing the algorithm
name and exemption mechanism name of the selected entry with the algorithm name and
exemption mechanism name of each entry of policy B. If policy B has an entry with the same
combination of algorithm name and exemption mechanism, that entry is the corresponding
entry. In this case, the restrictions of the two corresponding entries are compared and
the most restrictive restrictions are determined (820).
[0056] As an example, consider an entry in both policies A and B whose algorithm name is
RC5 and which has no exemption mechanism. Suppose the entry of policy A has a maximum key
length of 64 bits and a maximum number of rounds of 12, and the entry of policy B has a
maximum key length of 128 bits and a maximum number of rounds of 10. In this case the most
restrictive restrictions are a maximum key length of 64 bits and a maximum number of
rounds of 10. As this example shows, the most restrictive value is chosen separately for
each restriction.
[0057] After the most restrictive restrictions are determined, a new entry is created in
policy C (824). This new entry has the same algorithm name and exemption mechanism name as
the two corresponding entries, and its restrictions are the most restrictive restrictions
determined at process 820. Creating the new entry in policy C completes processing of the
currently selected entry. It is then determined whether policy A has any more entries
(828). If it does, processing returns to process 804, and the next entry of policy A is
selected and processed. If it does not, processing advances to process 832.
[0058] Returning to process 808, when it is determined that policy B has no entry
corresponding to the selected entry of policy A, it is determined whether policy B has a
wild card entry (812). A wild card entry acts as a catch-all for every algorithm name /
exemption mechanism combination that is not explicitly listed in policy B. When no wild
card entry is found in policy B, processing of the selected entry is complete. No new
entry is created in policy C, and processing proceeds to process 828 to look for the next
entry of policy A.
[0059] On the other hand, when it is determined that policy B has a wild card entry, the
restrictions of the selected entry are compared with the restrictions of the wild card
entry, and the most restrictive restrictions are determined (816). This determination is
made in the same way as described above for process 820. After the most restrictive
restrictions are determined, a new entry is created in policy C (824). This new entry has
the same algorithm name and exemption mechanism name as the selected entry, and its
restrictions are the most restrictive restrictions determined at process 816. Creating
the new entry in policy C completes processing of the currently selected entry. It is then
determined whether policy A has any more entries (828). If it does, processing returns to
process 804, and the next entry of policy A is selected and processed. This continues
until all the entries of policy A have been processed.

[0060] After all the entries of policy A have been processed, it is time to process the
entries of policy B that do not correspond to any entry of policy A. Before doing so,
however, it is determined whether policy A has a wild card entry (832). If policy A has no
wild card entry, the remaining entries of policy B need not be processed, because they
would not produce any additional entries in policy C. Thus, when policy A has no wild card
entry, construction of policy C is complete (836).

[0061] On the other hand, when policy A has a wild card entry, processing of policy B
begins by selecting the next entry (in this case, the first entry) of policy B (840). The
selected entry is compared with the entries of policy C to determine whether a
corresponding entry exists in policy C (844). In one embodiment of this invention, this
determination is made by comparing the algorithm name and exemption mechanism name of the
selected entry with the algorithm name and exemption mechanism name of each entry of
policy C. When a corresponding entry is found in policy C, the selected entry has already
been processed as part of the processing of the entries of policy A. In this case the
selected entry needs no further processing, so processing proceeds to process 856 to look
for the next entry of policy B.

[0062] On the other hand, when the selected entry corresponds to none of the entries of
policy C, the restrictions of the selected entry are compared with the restrictions of the
wild card entry of policy A, and the most restrictive restrictions are determined (848).
This determination is made in the same way as described above for process 820. After the
most restrictive restrictions are determined, a new entry is created in policy C (852).
This new entry has the same algorithm name and exemption mechanism name as the selected
entry, and its restrictions are the most restrictive restrictions determined at process
848. Once the new entry has been created in policy C, processing of the currently selected
entry is complete. It is then determined whether policy B has any more entries (856). If
it does, processing returns to process 840, and the next entry of policy B is selected and
processed. This continues until all the entries of policy B have been processed. Once all
the entries have been processed, construction of policy C is complete (860).
[0063] In one embodiment of this invention, the merge process described above is performed
by the initializer of the JCESecurity class 314. The initializer is called shortly after
the JCESecurity class 314 is called. When called, the initializer merges the two or more
sets of laws provided to it and generates the complete set of restrictions 108. Once
generated, this complete set of restrictions 108 (which has a default configuration and an
exemption set) is used thereafter by the GetCryptoPermission method to determine the
restrictions imposed on a Cipher instance.
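
The merge of drawing 10 and drawing 11, as an added Python example that is not code from the patent or from the JCE framework. It assumes a policy is a mapping from (algorithm name, exemption mechanism name) to numeric maxima, that the wild card is an ordinary entry named "*", and that a restriction missing from one entry is unlimited there; the RC5 values are those of paragraph [0056], while the DES, Blowfish and wild card values are constructed.

```python
"""Merging two crypto policies into the most restrictive common policy.

Added illustration of processes 804-860; not the JCE framework's code.
"""
from typing import Dict, Optional, Tuple

# An entry is keyed by (algorithm name, exemption mechanism name or None).
Key = Tuple[str, Optional[str]]
# Restrictions are numeric maxima, e.g. {"max_key_bits": 64, "max_rounds": 12}.
Limits = Dict[str, int]
Policy = Dict[Key, Limits]

WILDCARD: Key = ("*", None)   # assumed representation of the wild card entry

# Constructed sample policies; only the RC5 numbers come from the text.
POLICY_A: Policy = {
    ("RC5", None): {"max_key_bits": 64, "max_rounds": 12},
    ("DES", None): {"max_key_bits": 56},
    WILDCARD: {"max_key_bits": 64},
}
POLICY_B: Policy = {
    ("RC5", None): {"max_key_bits": 128, "max_rounds": 10},
    ("Blowfish", None): {"max_key_bits": 128},
    WILDCARD: {"max_key_bits": 40},
}


def most_restrictive(a: Limits, b: Limits) -> Limits:
    """Processes 816/820/848: choose the tighter value restriction by restriction.

    Assumption: a restriction absent from one side is unlimited on that side.
    """
    merged: Limits = {}
    for name in sorted(set(a) | set(b)):
        merged[name] = min(limits[name] for limits in (a, b) if name in limits)
    return merged


def merge_policies(policy_a: Policy, policy_b: Policy) -> Policy:
    """Build policy C from policies A and B."""
    policy_c: Policy = {}

    # Pass 1 (804-828): walk every entry of A.
    for key, limits_a in policy_a.items():
        if key in policy_b:                  # 808: B has a corresponding entry
            policy_c[key] = most_restrictive(limits_a, policy_b[key])
        elif WILDCARD in policy_b:           # 812: B's wild card covers it
            policy_c[key] = most_restrictive(limits_a, policy_b[WILDCARD])
        # Otherwise B does not allow this combination and C gets no entry.

    # 832/836: without a wild card in A, B's unmatched entries add nothing.
    if WILDCARD not in policy_a:
        return policy_c

    # Pass 2 (840-860): entries of B that were not reached through A.
    for key, limits_b in policy_b.items():
        if key in policy_c:                  # 844: already merged in pass 1
            continue
        policy_c[key] = most_restrictive(limits_b, policy_a[WILDCARD])
    return policy_c


if __name__ == "__main__":
    for key, limits in merge_policies(POLICY_A, POLICY_B).items():
        print(key, limits)
```

A combination listed in only one policy survives only when the other policy has a wild card entry, so the merged policy is never more permissive than either source.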

[0064] As mentioned above, the GetImpl method of the JCESecurity class 314 is responsible
for instantiating the associated general implementation 106 and generates the
implementation instance. As part of the instantiation process, the GetImpl method performs
authentication. In one embodiment of this invention, this authentication takes the form of
mutual authentication, in which the GetImpl method authenticates the associated general
implementation 106 and the associated general implementation 106 authenticates the
framework 102. To make this mutual authentication possible, in one embodiment of this
invention, (1) the JAR file of the associated general implementation 106 is digitally
signed, (2) the JAR file of the framework 102 is digitally signed, (3) a set of obfuscated
trusted public keys that can be used to verify the signature of the JAR file of the
associated general implementation is embedded in the JCESecurity class 314, and (4) a set
of trusted public keys used to verify the signature of the JAR file of the framework is
embedded in the associated general implementation 106.
[0065] Given these preconditions, mutual authentication is performed as follows. First,
the GetImpl method uses the obfuscated trusted public keys embedded in the JCESecurity
class 314 to verify the digital signature of the JAR file of the associated general
implementation. When this digital signature is verified, the GetImpl method instantiates
the associated general implementation 106, and the constructor of that implementation is
called. When called, the constructor uses the trusted public keys embedded in the
associated general implementation 106 to verify the digital signature of the JAR file of
the framework. If the constructor determines that the digital signature of the
framework's JAR file is valid, it builds the requested implementation instance. If the
digital signature is not valid, the constructor returns an error. As this explanation
shows, the implementation instance is built only when both the associated general
implementation 106 and the framework 102 are authentic.

[0066] In performing this verification, the GetImpl method relies on an external digital
signature verification mechanism. That is, in one embodiment of this invention, the
GetImpl method does not perform the signature verification itself. Instead, the GetImpl
method presents the digital signature of the associated general implementation 106 and the
obfuscated trusted public keys to the external digital signature verification mechanism
and receives the verification result. In one embodiment of this invention, the external
digital signature verification mechanism is the signature mechanism (Signature Mechanism)
of the Java Runtime. This signature mechanism is part of the overall Java environment and
is not part of the framework 102. From the point of view of the framework 102, therefore,
the signature mechanism is not a "trusted" component. Before the results it provides are
relied upon as correct, the signature mechanism itself is verified to ensure that it is
legitimate (that is, that it performs the correct verification function).

[0067] So that the signature mechanism can be verified, at least two digital signatures
are embedded in the JCESecurity class 314. One is known to be verifiable with the
obfuscated trusted public keys, and the other is known to be unverifiable with the
obfuscated trusted public keys. These signatures are presented to the signature mechanism
in an unpredictable order to test its legitimacy. One possible embodiment of the process
for testing the signature mechanism is shown in drawing 12.
[0068] As shown in drawing 12, the verification process begins by determining (904) which
digital signature (the verifiable one or the unverifiable one) to present to the signature
mechanism. This determination is made in a way the signature mechanism cannot predict,
and in one embodiment of this invention it uses a random process. For example, a random
number is generated; if it falls in one range (for example, equals 0), one of the
signatures is chosen, and if it falls in another range (for example, equals 1), the other
signature is chosen. In one embodiment of this invention, the determination of process 904
also takes the previously selected signatures into account. When all previously selected
signatures are the same signature, process 904 chooses the other signature. This
guarantees that each of the two signatures is chosen at least once, so that the legitimacy
of the signature mechanism is tested thoroughly.

[0069] After one of the signatures is chosen, the selected signature and the obfuscated
trusted public keys are presented to the signature mechanism for verification (908). The
signature mechanism then provides a response indicating whether or not the signature was
verified. This response is received (912) and checked for correctness (916).
Specifically, when the signature presented to the signature mechanism is the verifiable
one, the correct response is an indication that the signature was verified. When the
signature presented to the signature mechanism is the unverifiable one, the correct
response is an indication that the signature was not verified. When the response received
for the presented signature is not correct, the signature mechanism is determined not to
be legitimate (920). In this case, the verification process ends (924).
[0070] On the other hand, when the response received for the presented signature is
correct, it is determined whether the verification process has been performed n times
(928). Here, n is any desired number (for example, 5). If it has not, processing returns
to process 904, a signature is presented to the signature mechanism once again, and the
response is examined. If it has been performed n times, processing advances to process
932. Reaching process 932 means that the signature mechanism gave the correct response to
each signature it was shown (had any response been incorrect, processing would have ended
at process 924 without reaching process 932). The signature mechanism is therefore
determined to be legitimate (932). In this case, the signature mechanism may be trusted by
the GetImpl method for authenticating the associated general implementation 106. With the
signature mechanism verified as legitimate, the verification process ends (936).

[0071] The result of the above processing is that the signature mechanism is shown a
verifiable digital signature and an unverifiable digital signature in an unpredictable
order. Making the presentation order unpredictable makes it very difficult, if not
impossible, for an illegitimate signature mechanism to "forge" correct responses. This
verification process therefore provides an efficient method of testing the legitimacy of
an external signature mechanism.

[0072] The verification process has so far been described in relation to a digital
signature verification mechanism. Note, however, that the process is not limited to
digital signature verification mechanisms. Rather, the verification process can be applied
generally to test the legitimacy of any untrusted mechanism. The process can be applied to
test the legitimacy of an untrusted mechanism as long as there are at least two different
information sets for which the correct responses are known. The flow chart of drawing 13
shows the verification process as applied generally to an arbitrary untrusted mechanism.
[0073] As shown in drawing 13, the verification process begins by determining which of the
at least two information sets to present to the untrusted mechanism (1004). This
determination is made in a way the untrusted mechanism cannot predict, and in one
embodiment of this invention it uses a random process. For example, a random number is
generated; if it falls in one range (for example, equals 0), the first information set is
chosen, and if it falls in another range (for example, equals 1), the other information
set is chosen. In one embodiment of this invention, the determination of process 1004 also
takes the previously selected information sets into account. When all previous selections
are the same information set, process 1004 chooses the other information set. This
guarantees that each information set is chosen at least once, so that the legitimacy of
the untrusted mechanism is tested thoroughly.

[0074] After one of the information sets is chosen, the selected information set is
presented to the untrusted mechanism (1008). The untrusted mechanism then provides a
response to the presented information set. This response is received (1012) and checked
for correctness (1016). Specifically, the correct response for each information set is
known. When the received response is not the correct response for the presented
information set, the untrusted mechanism is determined not to be legitimate (1020). In
this case, the verification process ends (1024).

[0075] On the other hand, when the received response is the correct response for the
presented information set, it is determined whether the verification process has been
performed n times (1028). Here, n is any desired number (for example, 5). If it has not,
processing returns to process 1004, an information set is presented to the untrusted
mechanism once again, and the response is examined. If it has been performed n times,
processing proceeds to process 1032. Reaching process 1032 means that the untrusted
mechanism gave the correct response to every information set it was shown (had any
response been incorrect, processing would have ended at process 1024 without reaching
process 1032). The untrusted mechanism is therefore determined to be legitimate (1032).
With the untrusted mechanism verified as legitimate, the verification process ends (1036).
[0076] The result of the above processing is that the two information sets are presented
to the untrusted mechanism in an unpredictable order. Making the presentation order
unpredictable makes it very difficult, if not impossible, for an illegitimate untrusted
mechanism to "forge" correct responses. This verification process therefore provides an
efficient method for examining the legitimacy of any untrusted mechanism.
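
The challenge procedure of drawing 12 and its general form in drawing 13, as an added Python example that is not code from the patent or from the JCE framework. An HMAC tag stands in for the digital signature because the Python standard library has no public-key signature API; the key, data and function names are constructed, and forcing the not-yet-shown challenge on the final round is one reading of how process 904 takes earlier selections into account.

```python
"""Probing an untrusted verifier with one known-good and one known-bad input.

Added illustration of processes 904-936 / 1004-1036; all names are hypothetical.
"""
import hashlib
import hmac
import secrets
from typing import Callable

# An untrusted mechanism: (key, data, signature) -> verdict.
Verifier = Callable[[bytes, bytes, bytes], bool]

# Constructed challenge material that the caller embeds ahead of time.
KEY = b"constructed-demo-key"
DATA = b"constructed stand-in for signed JAR contents"
GOOD_SIG = hmac.new(KEY, DATA, hashlib.sha256).digest()     # known to verify
BAD_SIG = GOOD_SIG[:-1] + bytes([GOOD_SIG[-1] ^ 0x01])      # known not to verify


def honest_verifier(key: bytes, data: bytes, signature: bytes) -> bool:
    """A mechanism that really checks the tag."""
    expected = hmac.new(key, data, hashlib.sha256).digest()
    return hmac.compare_digest(expected, signature)


def always_accept(key: bytes, data: bytes, signature: bytes) -> bool:
    """A replaced mechanism that approves everything."""
    return True


def always_reject(key: bytes, data: bytes, signature: bytes) -> bool:
    """A broken mechanism that approves nothing."""
    return False


def mechanism_is_legitimate(verify: Verifier, n: int = 5) -> bool:
    """Return True only if `verify` answers all n challenges correctly."""
    if n < 2:
        raise ValueError("n must be at least 2 so that both challenges are shown")
    challenges = ((GOOD_SIG, True), (BAD_SIG, False))
    shown = set()
    for round_no in range(n):
        # 904 / 1004: pick a challenge the mechanism cannot predict.
        index = secrets.randbelow(2)
        # Assumed tie-break: if only one challenge has been shown so far,
        # the last round presents the other so both are exercised.
        if round_no == n - 1 and len(shown) == 1:
            index = 1 - next(iter(shown))
        shown.add(index)
        signature, expected = challenges[index]
        answer = verify(KEY, DATA, signature)        # 908, 912
        if bool(answer) != expected:                 # 916
            return False                             # 920, 924
    return True                                      # 932, 936


if __name__ == "__main__":
    for mechanism in (honest_verifier, always_accept, always_reject):
        print(mechanism.__name__, mechanism_is_legitimate(mechanism))
```

A mechanism that answers by coin flip still passes all n rounds with probability 2^-n, about 3% for n = 5, so n sets the residual risk.
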
[0077] [Outline of hardware] In one embodiment of this invention, the invention is
implemented as a set of instructions executable by one or more processors. The invention
can be implemented as part of an object-oriented programming system, including but not
limited to the Java (registered trademark) programming system of Sun Microsystems, Inc. of
Mountain View, California. Drawing 14 shows a block diagram of the hardware of the
computer system 1100 in which an embodiment of the invention is implemented. The computer
system 1100 includes the bus 1102 or another communication mechanism for communicating
information, and the processor 1104, which is connected to the bus 1102 and processes
information. The computer system 1100 also includes the main memory unit 1106, such as
random access memory (RAM) or other dynamic storage, which is connected to the bus 1102
and stores information and the instructions executed by the processor 1104. The main
memory unit 1106 is also used by the processor 1104 to store temporary variables or other
intermediate information during execution of instructions. The computer system 1100
further includes the read-only memory (ROM) 1108 or other static storage, which is
connected to the bus 1102 and stores static information and instructions used by the
processor 1104. The storage device 1110, such as a magnetic disk or an optical disc, is
connected to the bus 1102 and is used for storing information and instructions.
[0078] The computer system 1100 is connected via the bus 1102 to the display 1112, such as
a cathode-ray tube (CRT), and displays information to a computer user. The input device
1114, including alphanumeric and other keys, is connected to the bus 1102 and sends
information and instruction selections to the processor 1104. Another kind of user input
device is the cursor control 1116, such as a mouse, a trackball, or cursor arrow keys,
which sends direction information and instruction selections to the processor 1104 and
controls the movement of the cursor on the display 1112. This input device usually has two
degrees of freedom in two axes, a first axis (for example, x) and a second axis (for
example, y), and can specify a position within a plane.

[0079] According to one embodiment, the computer system 1100 provides the functions of
this invention by having the processor 1104 execute one or more sequences of one or more
instructions stored in the main memory unit 1106. Such instructions are read into the main
memory unit 1106 from another computer-readable medium, such as the storage device 1110.
By executing the instruction sequences stored in the main memory unit 1106, the processor
1104 performs the processing steps explained here. In another embodiment, hard-wired
circuitry can be used in place of the software instructions that implement the invention.
Hard-wired circuitry can also be used in combination with the software instructions that
implement the invention. Thus, embodiments of the invention are not limited to any
particular combination of hardware circuitry and software.

[0080] The term "computer-readable medium" as used here refers to any medium involved in
providing instructions to the processor 1104 for execution. Such a medium can take many
forms, including but not limited to nonvolatile media, volatile media, and transmission
media. Nonvolatile media include, for example, optical discs or magnetic disks, such as
the storage device 1110. Volatile media include dynamic storage, such as the main memory
unit 1106. Transmission media include coaxial cables, copper wire, and optical fiber,
including the wiring that constitutes the bus 1102. Transmission media can also take the
form of sound waves or electromagnetic waves, for example radio waves, infrared rays, and
the waves generated during optical data communication.
[0081] Common forms of computer-readable media include, for example, a floppy (registered
trademark) disk, a flexible disk, a hard disk, magnetic tape or other magnetic media, a
CD-ROM or other optical media, punch cards, paper tape or other physical media with
patterns of holes, a RAM, a PROM, an EPROM, a FLASH-EPROM, or other memory chips or
cartridges, a carrier wave as described later, or any other medium that a computer can
read.

[0082] Various kinds of computer-readable media may be involved in carrying one or more
sequences of one or more instructions to the processor 1104 for execution. For example,
the instructions may first be carried on a magnetic disk of a remote computer. The remote
computer loads the instructions into its dynamic storage and sends them over a telephone
line using a modem. A modem local to the computer system 1100 receives the data on the
telephone line and converts the data into an infrared signal using an infrared
transmitter. An infrared detector receives the data carried in the infrared signal, and
suitable circuitry places the data on the bus 1102. The bus 1102 carries the data to the
main memory unit 1106, from which the processor 1104 retrieves and executes the
instructions. The instructions received by the main memory unit 1106 may optionally be
stored on the storage device 1110 either before or after execution by the processor 1104.
[0083] The computer system 1100 also includes the communication interface 1118 connected
to the bus 1102. The communication interface 1118 provides two-way data communication and
is connected to the network link 1120, which connects to the local network 1122. For
example, the communication interface 1118 may be an integrated services digital network
(ISDN) card or a modem that provides a data communication connection to a corresponding
type of telephone line. As another example, the communication interface 1118 may be a
Local Area Network (LAN) card that provides a data communication connection to a
compatible LAN. A wireless link can also be implemented. In any such implementation, the
communication interface 1118 sends and receives electrical, electromagnetic, or optical
signals that carry digital data streams representing various kinds of information.

[0084] The network link 1120 usually provides data communication to other data stations 
through one or more networks. For example, the network link 1120 may provide a 
connection through the local network 1122 to a host computer 1124 or to a data station 
operated by an Internet Service Provider (ISP) 1126. The ISP 1126 in turn provides data 
transmission services through the global packet data communication network now 
generally called the "Internet" 1128. Both the local network 1122 and the Internet 1128 use 
electrical, electromagnetic, or optical signals that carry digital data streams. The signals 
through the various networks, and the signals on the network link 1120 and through the 
communication interface 1118, which carry digital data to and from the computer system 
1100, are typical forms of carrier waves that carry information. 

[0085] The computer system 1100 can send messages and receive data, including program 
code, through the network, the network link 1120, and the communication interface 1118. 
In the Internet example, when code for an application program is requested, the server 
1130 may transmit it through the Internet 1128, the ISP 1126, the local network 1122, and 
the communication interface 1118. The received code can be executed by the processor 
1104 as it is received, or saved in the memory storage 1110 or other nonvolatile storage 
and executed later. In this way, the computer system 1100 can obtain application code in 
the form of a carrier wave. 

[0086] Although the invention has been described with reference to a specific embodiment, 
it is not limited to that embodiment. A person skilled in the art, with the benefit of this 
disclosure, can make various changes without departing from the spirit of the invention. 
Therefore, the invention is not restricted to the specific embodiment used to describe it, 
and is limited only by the claims. 
[0087] 

[Effect of the Invention] According to this invention, as described above, the framework 
can reliably impose the required restrictions on a service provided to an application 
through dynamic construction of the requested mounting. 
[Brief Description of the Drawings] 

[Drawing 1] A block diagram showing the whole system according to one embodiment of this invention. 
[Drawing 2] A flow chart showing the general operation of the whole system of drawing 1. 
[Drawing 3] A detailed block diagram showing one embodiment of this invention. 
[Drawing 4] A detailed block diagram showing one embodiment of this invention. 
[Drawing 5] A flow chart showing the operation of the embodiment of drawing 3 and drawing 4. 
[Drawing 6] A flow chart showing the operation of the embodiment of drawing 3 and drawing 4. 
[Drawing 7] A figure showing an example of a combination of restrictions including default settings and exemption settings. 
[Drawing 8] A flow chart showing the operation of one embodiment of the GetCryptoPermission method of the JCESecurityManager object class. 
[Drawing 9] A flow chart of one embodiment of this invention showing an outline of the process of merging two or more sets of rules into one set of restrictions. 
[Drawing 10] A flow chart of one embodiment of this invention showing how to merge two or more sets of rules into one set of restrictions. 
[Drawing 11] A flow chart of one embodiment of this invention showing how to merge two or more sets of rules into one set of restrictions. 
[Drawing 12] A flow chart of one embodiment of this invention showing how to verify the legitimacy of an untrusted digital signature verification mechanism. 
[Drawing 13] A flow chart of one embodiment of this invention showing how to verify the legitimacy of an arbitrary untrusted mechanism. 
[Drawing 14] A hardware block diagram of a computer system on which this invention is mounted. 

ofc^. S^^iTJtxvhycoj&ii^wr-l.. J£Sg 
ccti. frU^xyhytfijSSft-f, jjuit^ k$Ra 
OifcOxy h y «r^T S^y>tC±g8 2 S^ittf . 
[00 59] — K^Btcy^/Ph'^-Fcoxy h y 

aw-f s k¥®f Static asis-ufcx* h y coshj 
m^titzmm^^-r^ ( s 1 6 > . ^co^(±, x 

S8 2 O^v^Tmi^L^BBtisi t^ffiT-lT^ix^,. 

®ctc^$^s (8 24) . .rtofrLuxvhytc 

&tf&GEt&« £tz. d£7)frLv^xyhy{c{i. ^£0©j 
RSt LT, X^8 1 6T^-o^fit>*J*<;$ix/v:$iJIS*i 
ShEe^S. ffLv>x>'hyi«jgc3gCfc^«$iiSi:. S 
ftStRLTV^x^hycoSas^Tt-?.. -eLT, H 
fcxy h y #j£3gA 5 *»<0¥flBr*«=5r$ii 
S (828) . xyhiJ^ttS^CIi, 5&3S-X 
g804£MLT. iS^AcO»:<7)x>-hy$-SJRL. 

[0060] m^.Ac^x.y h vff®mztifz&. mm 

a<t)x y h y £*tfi$ LSr^RSIt b <?>£x > h y Sr&n-f 

YA-Y<DX.yYVtffttt&frZofr*mrt-h (8 
32) . jR^Atfy-f/PK^-K^xyKy^oT^ 
^cv\^-, 3^B<DiUn<ox>-hyii, -HT.£>#i8:3ec 
tc^SitSjUn^xyhy t^scitti^^we. C 



Cy^PH^-h'wiy h y*«fiq£l,$ri,>*g\ Kmc 
coif lg*mT-ti. (836). 

[006 1 ] — ^T. KlAi:7^f^F*-K<7)l>'h'J 
#?R£-t&*§£\ JSSgBcDJjuiti, BtSftBco&coxyh 
y (ZP)Wi-£lim$]<r>x.yhV ) cr>mSifrt>%l&h (8 

40) . miRLtz^y botrnmcnx-yh y t£j£8c 

Lt\ *MS-f&x>-h y*^Ctc#^^,*>i:-d^Sr 
flBrTi (844) . #&HJ?>-S!itegflSKfcvvt\ d 
co^(i, ^tR^iXTtxvhy^r^^yXA^iiJctX 
&l$^fS£. ^r^mcR^Ccox>-by<7)T;l^3'yXA 

ttm^&x.yhvtmmctz3tofrr>izi§r&^ ss? 

$ix?txy i- 'J (i, KiA©iy h y cd*JUI<D— gpfc L 

M^LTV^xyhyco^S^giL&v^ 

T. *>UI# J X1S8 5 6 fcatC-CiftJRB co&coxy h y £ 

[0062] - 3u il#?$ix*:xy h yjWaSRCcOV^ 
ii£Oxyhy(i{,«JESLTV^v>^- s MViZtUzzzy 

h y <o» t ma a <d v 4 iv y * — y cox. y b y amm 
ZliMLxmi>®l#)ZtitzMmZikfe-?& (848) . 

zwtm±. 1S82 oiz-o^xm^Lfzm.mtmtiT 
L\,^ybvi>mmciz£m.zti& (852) . znm 

U^xvMJ Ui , iutx y h y t |h] t T^rf y 
XA*fcft»«ai«*q«rt- &zttz%&. ttz. z<r> 
ffLV^xy hyfc{±. -?-£0$fJ|5Bt LTxm8 4 8-c^S 

xyhy*J®^cic^$ix^ic, «?±SS?$^/sx 
y h 'J C05{IS*>'$IT^- . -e LT . B tcMtcx y h 

y tftp&thfrz 0 frzmfetz ( 8 5 6 ) . xy h y 
mm*TM&4oi<zmLxmk&<F>&. 

±^y h y ^T'^< . £x.yb y 

ft&fc. R^CcO^*^7-r-i> (860) . 

[0063] ^mico-mimmiz&^x . wui$*ifc 

V-v-'JIiSJiJCESecurity^ 7^. 3 1 4 O-f xi^^ 7>f 
^i-oTUff^iX^. JCESecurity^7X3 14^'B? 

Ifti. -fXv-^5-flf^Stt$ii^^2oiiLhiO-b 
•/b5r-7-^'LT, ©IRSO^-fe-y M 0 8^^m-TI>. 
^?ft&cD{2dc9©]|5Bc7)£:-fe-y M 08 (f7t^h 
SSfcm^^di^) T'ftO. Cilti. Cipher^ >- 
^.^ y^tCjni. ^ilS©I*«J$r^-ri>GetCryptoPermiss 

ion* y -y HfcJ: oT-eo^cfiOT^ixS. 

[0064 ] B?^L?tJ;-3tC, JCESecurity^7X3 1 
4<0GetImpl*V «y K**, Wii^-S-SW^IISIl 0 6 

<r>-<yx?yxtt.£m%i.x, mme>4yA?y*Z± 
&-f&. J yx?yx{k®m<7)— &bLX. Getlmpl* 
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-m^mm i o 6 £tgtiEu mm-f&-m.w%mm 1 

0 6^'7l/-A7-; 1 0 2 2rlgBE-f-5.i:V>3ffiSI2iiE 

*U (2) 7l/-A7-^102«JAR7T^M>*f 
is?JVm%xHi\. ( 3 ) JCESecurity^7^.3 1 4#*. 

mm-tz>-im%9mco jar??^ ii-cow&nmmz 

tmX'Z 6^«&fl!ia&ll«(obfuscated trusted public keys) <7)-fe -y h SrSft&X/c-iib 0 . ( 4 ) B^TTS
-«6<J=5r^l0 6«±. 71/-A7-^^JAR7r^ 

[0065] ZWm&Z-S-z. t>iXX , fflSfgfiEfr'&eD i 
■5fcH4f$ixS. £-f\ JCESecurity^^X3 141CS 
^4*^3T»««=flrta«4»H«l*ttfflLT. GetlmplX 
V -y h* tfWif-r £ -^W^H^O JAR77^/Wfy 

Getlmplp<y y KfcL Wii-t&HKW&l^l 0 

y*h7 77ti*BfrfiiiZixZ>J:ot,z-t&. ay Ah 7? 

imK^m. i o 6 tvfzmw&mmzim l 

71/-A7-;<?)JAR7r^;KOfy7/H^i& 
8SE-f&. 7 U-A7-y-<0 J AR7 r ;P£Ofx* 

>xh7 7 ?<iB:£§iTJt!!Sg<7H ? yxzmm-t 

hZttth. 7Wrt*6jWEL<$rv*S^ ay x 

mm-t&~&w%9mi 0 6tyu-j*v-? 1 o 
2cr>mutf]EL^m&mi. $mco-< yx^yxtmm 
zntztizzz. 

[0066] Z<T)imSm<nm^rX\ Geti*>i.x y -y K 

^mkry-msmmizti^x . Getim P i^y. y \nim& 

(VmiEZCV&niZmfrL^. mz^ Getlmpl^y -y K 

m%mm&mm$:?hmv>T ^^nm^smmizm^ l 
T^aE^rSfti.. ^-mw-mmmiza^x . *miw> 

X^/l-S^&ESfiJiJava RuntimeiOS^g^(Signature Mechanism) <I<0§£&fi§ti:£ J a v aSi

%>mm\i tfmztuzj ^y^~^yhx-\t^\ 
t tx . s^^same l < fig™&ts*£iget-f a t 

jEL^timmmzmztLx^z) ztzmn-t&tzMz 



[0067] **i*HS£lIfl|£8tK'CS hiio iz-thti 
JCESecurity?5X3 1 4l,ZlZ'J>-%< 1 1 2O<0 

**. 131 2tCiK^ilT^i»„ 
[0 0 6 8] 01 2(c^$fLTV^J:3^. ^H^S 

m&mmzm7K-t&7 : ~j?)vm& immm.t.tz 

^SE^nTfig^-f^^/l^^) C0#tfg (904)K 

fibti. ^Zmn—mMBBlz&^Xli. yy-TJxWm 

ZmSLXfthtiZ. t:t Hi. 7 y 

iz^ ? y? (.tzklli. Ote-St) co 

igr%. m%xcr>i-otim$iiHxz>z.bi<ztch. jyyj*.* 

BbMHaMOH (tzbUf. lfcr— St) cDWrS. WlcoWZ, 
tfMft.Zti&Zbl,z%;2>. *%Pft<r>-mm&m<,zi$\,^ 

t, ii9 0 4wi. vxmzmRztitzw&z^m. 
Lxh'trfrixh. umizmiRztifcm&tf-zxmtmz, 

XS9 0 4 (c J; ^XttXOm%,tfmiR$1x&. z 

[0069] m&<?> i o*<ji^$^fife, 

(9 08) . mz. mzmmim&tfimzttfz 

h. z<r>m^f^mt>iL (9i2). iE5ittATO$ 
( 9 1 6 > . ftftcwcti:. m^mmizm^ttfzm 
2,&mmmx'$>-otimi!r. zni&gijK m&tftmz 
tvtzz t Zvk-tmmiz i o«if2$^^ . w&mffiizmtjk 
zitfzm&&mpFiimx'h-?tzi%&. zwmtf. m 

m^ztitim&izttbx&im'ifzimtfiELK* 
mztmimmx^zttfyiZh (92 
0 ) . zwmitiz. &m*>mtimT^-& (924). 

[0070] g^$iX7tS^^LTgftBX-5^ 
«J»3WEUV^, ttiE«!H36«n|lBetfS#Lfc3&»ifaA» 
tBILT^^Srtfa (9 28) . ClClT. nJiffiKco 
a^UHR (Jtfcxtf, 5)TfeS. n0||ff$^TV^ 

=5r^%&. jaa^rxs 904 izm. Lxi>o i %mz,zm 
zmmizmmt. im*mfetz>. tmznmgrLtz 
saa$riS9 3 2tcjifts. x^9 3 2^T5aa 

<^rV^. «U1^XS9 3 2i?S6-f fc. XS9 2 
4T-*IT-rSCi:{c^S) „ dOidfcLT, S«.^1t 
^ffiT-^S^t^*^. (9 3 2) . Zcom^rlC. m 

zmmu. mm-t&-®M%9m 1 o 6 zmm-t sceti 
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6) . 

[0071] ±f5<7>*!UlOJ£«<l KffiEBrffisSr-r S'*^^ 

[0072] r ^'^/PS^gJSEta 

V«ttElill(clK£&h.&iri£ i: fca=* tfcWUf&fc 
ate. *«^{iHRWfc:»B3*i.T, ffie-Oft 

j&^-tsrbo. *osii e«asfi-cv^v«ifkoaK£ 
[oo73]@i sifZ^ttx^Xoiz^ mwmit 

v««t:a^&*®*»4>tt4S (10 04) . <I<7)& 

^is i o o 4 immzttxi^mffiizb otf ao 

iiC^rS. 7^A&SM>*ffiico®Hi*i (Kb*. 
Jl l £— £t) i*o~r><Dm®.Wi5Z.tfW£iZtL 

zzbiztcz. *mn<r)-mimmizti^x » 

S1004 fctett9«HftS*i.fc««Rje i>#H:-f & . Jil 

xg i o o 4 iz x r )m<r>mmm.fctfmiR2ti2> . .r *t 

tl fif8t^^#*A^&< fci l.KiiiR^i-U fi«§ 
fit I >=5rv ««<oai£tt*^tcWiW-* <! i: £«aE L 

[0074] tif#g|&e<D 1 oaWBRSiifcaL M!R£*t 
>WIBBa^*ejRSnTi^vM««=«3S^-4 (100 

^cm-si£^srM«-r&. ^smz^im-ox 

(10 12). jBlttOIIIgSrffd (1016)„I«£ 

&im^tc^tfm7KZtifzfflmfc<r>jEL^isgx'% 
v^-. mmzfix^%\Mffitmmx'%^zbtf$ti£ 
(1020). z<7)^iz^ mE9mi>m-T'f& 

(1024). 

[0075] — ar. &im^tzfmw&7jkztifzmms. 



iMzmLXcOftfeZfrd (1028) . ZZX\ n(i 
ffi«<DM£ UMR (fcfcitf. 5)-C*S. nHJ^fr^ 
ixTV^^Jt^-, JtaSSrl^l 0 04(cMLT. t?l 

0 3 2(cittf. IS1 03 2 ZXim-th b . fl!H$iX 

AHBi^£*fLTS«U££i:j&<#a»* (Jfrg**IEL< 
3r^*§-£fl ffiJS#HI 1 0 3 2 fcrfeS^fcig 1 0 
24XmT-f&Zbt,z%&) . ^^idtcLT. ftffl$ 
ftT V^V^ff#j&i£T-$>.& Cl b tfmZZtlh (10 3 

2) . mmztix^%\. mmtfmmx'$> hzb vim £ 

tl& b , ttlEWl^Tf 4 ( 1 0 3 6). 
[0076] ±ie<0«yi«0iaaHi. 2ocofif$81&&!>*fi 

[0077] u\- v^x.rffy^m^mffy—mmm 
*im%tiii^-t-yhbLxmmzti&. *mn±. 

*)V—TtW~?*7V7-»z a— <7)Sun Microsystems, Inc. 
»Java (^»ffi®) /o^Sy/yXfAJ: 

yy^Xy-^-^b LTH^L#4. HI 4lc. 
iO^lifi^M^ll^^ixTfSa^b-A-^^XT-^l 1 

WfA 1 1 0 Oti. tiffi<?)ji(ltc«fflt-|.>'^ 110 

2i>i,<i±mcr>mm®ffi. %hv\,zj^x\ xozizmm 
ztixmmzam-t&y'n-iz-yy 1 io4££-tf. 3> 

tfj.-^^xAl 1 OOtCti. 7^7?-bX^t 

u (ram) tJt«ifaot&&9ie^B^i:co±feiigai 

1 0 6 tffl^&jfcixTfc 0 , 1 1 0 2(CfSMl$^.T 
7"nt7tl 1 0 4*i^rr-rSWfSi:^^«^-r4. 

±E1t^gl 1 0 611 7D*.ytl 104*^ 

&ft-?&m'&izi>&mzti&. £?z. nyta-^w 

fAllO 0(±. /<X 1 1 0 2t,zmm^tlXTxj-t •/•>)■ 

I I o 4tf&m-t&ffim:tfmb-fa&£mf-tz>mA-iii 
L^m^^v (rom) 1 1 o 8$.ttzfSi<7)ffimi&mw. 

Z-kts. m&TiX7tt:ltytT : <A7%b'<7>§i1MmW 

I I I o«. ><x 1 1 0 2izmmzti.ximbfii^co& 
mz&mztiz. 

[00 78] 3yti-^yXfAl 10 011 vui 
1 0 2^iLT»g^ (CRT) /iri:<7)x-fX7-^ 
-fill 2lc£^§*u nyej.-^jL— T-tcfff#$- 
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iimw. 1 1 1 4»2Ax 1 1 o nz&etztix. mmt? 

V>-H^tR^7'n-b-/Hfl 104(Ci*.g>. *-tim 

xfoffimta-vyvommzTn-t -yyi 1 0 4tc 

jMO. fa7I/>( 1 1 1 2<7)*-V)V<r)Wi%%mffl-? 

4. c<9A*i§j!SJ2, ajsBgim (fctiar, x) 

2W(7ti:^ y ) <02tt^2Sc0SiJg^ftoTtS 

[ o o 7 9 ] -aifsciiot, ± 

lEIi^S 110 6 JctSttSfifc 1 1 
&tt±mWt<r)i'- J )->XZmn-tZ>7v*:-yiri 104 
icjSl^Tn^b-^-^v-XT-Al 1 oo#*isgt-r&. i 
o i 3 Snfr^Jl leitSISi l l OKt'nayVsL-? 

1 1 o 6t,zm*-&£ti&. ±ssamm.i i o 6tcfg*rt$ 
*y*T$i^izitz-x&m-t&z\ti>x'Z&. t.tz. 
cDmn-sbitizmfez ti%\, * . 

[0080] ii-CttJBSfit^* rn^b-i-^tfM 

t»/tno4 c: t izmfa-tz&mo 

mft&xv&mmzmfeziv&^tiK ztit>£^ts$> 

SI 1 1 0%t'cr>lt7 : <X?£tzli®gi l T<X7tf$> 

mmmmza. ssz&mwi i o 6%z<r>mmi 
Ammtfhz. fcmmmzu. /um o 2£*&£-r& 

-f £tz. iS&i^mi. mUtizliMRRk* 

tiktawk. mm. tiXxsftT-fmmwzgif&z 

[ 0 0 8 1 ] Ttfc i.lf „ 3>-bfA-^*iR^ffi0^r^ 

-rt, L<te^fa^s^v&ft, cd-rom s -e^ffi 
vyOtMfo, ^y^-ij-Y. ffix-7\ ^coffe^-tfvCfljS 

<7)%S^fr> RAM, PROM&J:tfEPROM. F 
LASH-EPROM, ^OffiO^t'J-f- yTi, U< 
lia-hU-yS^ f^T^ffiiM^. ^^ti^<7)flfic7)3V 

[0 08 2] 3Vt?*-*jm^9^tt*J«»tfHV* 
**%affi£tt. 1 S fctt&Stod^ra 1 i fctiS&c/) 
3"-*->':*fc. ^SrHfl-rsrD-b yHfl 1 0 4(ca 



WAl 1 00£*tLTo-#/^^xAt2fl!Sirc 

<0x-?£§ff U iSS^HlSl^x-^^N'Xl 10 2 
±fcRiW4. Axi 10 2(1 x-^Sriiei^lgl 
1 0 6£3.fc. -ett. ro-kvtl 1 OAtf&ttM 

oabtufir-r^. iiet^ai 1 0 6#^wKo*n8r^ 

(1 ra-fey+M 1 0 4*>'||fi : -r4mM*cOi:**>^*Hc 

ra»t£«aaii 1 1 oizm?ztih. 

[0 08 3] 3ytj.-?yXfAl lOOil ttz. 
A'Xl 1 0 2(Ctg^^il^jift^^^-7x>fXl 1 1 
8£-&tf. ^-7i-fX 111 8<S2*|oI07 J 

-^aft^'nT^-C'fcO , D-*;^7h7-^ 112 2 
«y h7-7 U J"? 1 1 2 0 1 i>SS# 
-?T^-S. ilfl-O'^-^x'fXl 118 

ii. T-'v^yNS^-t'Xffl ( I SDN) *-F4fc« 

T-?mmmm£ttfo-r&fmcDWMmzmm-t&*T : 
£>k-t&z\bhX'Z&. &tz. z<?>m<oMtLx. mm 
■i y^-7i^i 1 1 8(i, x-^siftig^s-smA 

N^fit-r^D-^X'JT^-y hV-^ (LAN) # 

-Hfc-*-*ifc«»"C**. mwj>-7i>9mx-zz>. z 
<r>xo^mmx\ mm4>9-?*m \ 1 i8i±. v> 
^ v v% %mm.cr>ffimx'fr & ? is? jv^f- 9 <r>wx 

[0084] *7h7-^'jy?l 12 0li. il^. 1 

1 20{i. n-jj/U^-yh 1 ?-? 1 1 22£ 
ffifflLT^Xhrjyti-^ 1 1 24^tli>f^-^ 
•y hf-h'X7DAV /{ISP) 1126t:J: TCI 

tc, I SP 1 1 2 6{±-«tc r>f y^_^.y hj 1 1 2 

s^Dftm-c^s-itsw^^^-y hr-^aft^-y 

/M-y h V—9 1 1 2 2 1 4 V9-^y h 1 1 2 8ti. 

*^-thm^ts:hmz*~,yv-?vv9 11201 
<r>m j %t5i.V : mm4 y-9-7 x.4 xi 1 1 8 £WB-?h 

m^t±. mmzmjmmft%ffimwi<mz Lx^&. z 

AllOOClffit, 3yea-^yXfA1100A> 

[008 5] nyta-^yXfAl 1 0 011 *7h 
•7-?. *7h7-^'J^l 1 2 0iJj:lXa^>-^ 
^7x-(Xll 18£flMLT*-y-t-x£i£frt'£. 
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•rs^rft$-^-r*^i7)-iii^®to8^0Tft s . 

[014] ^BH^^-r^n^tfjL-^^-XxA^N 

-H i >xr/D7?itfci.. 



[Drawings [01] to [014]: drawing sheets not reproduced; only reference numerals and the box labels below are legible. Publication number fragment from the sheet header: )01-216043 (P2001]

API boxes: CIPHER (GETINSTANCE, CONSTRUCTOR, INIT, UPDATE, DOFINAL); EXEMPTIONMECHANISM (GETINSTANCE, CONSTRUCTOR, INIT, ISCRYPTOALLOWED); JCESECURITY 314 (GETIMPL, INITIALIZER); JCESECURITYMANAGER 316 (GETCRYPTOPERMISSION).

SPI boxes: CIPHERSPI (ENGINEINIT, ENGINEUPDATE, ENGINEDOFINAL); a second box listing ENGINEINIT and ENGINEGENEXEMPTIONBLOB.

Numbered entries naming the algorithms BLOWFISH, DES and RC5.






; fry i-?— $0 
1 «j "Jo \/ \ 



T-xy^^ffl 94108 ^y^^-r 

MJ — h 540 



